$Id: ChangeLog,v 2.415 2009/11/06 10:26:22 lukeh Exp $
===============================================================
265 Luke Howard <lukeh@padl.com>
* fix for BUG#132: add versioning information to binary
* fix for BUG#403: add AM_MAINTAINER_MODE
* fix for BUG#388: bad LDAP query for ether lookups
* fix for BUG#391: clarify bind timelimit defaults
in ldap.conf
* fix for BUG#392: call do_close() if ldap_result()
or ldap_parse_result() fails (before returning
NSS_UNAVAIL)
* fix for BUG#401: FreeBSD thread library check
* fix for BUG#409: deallocate context in
_nss_ldap_ent_context_release() to avoid bad usage
* fix for BUG#410: don't leak file descriptors in
_nss_ldap_readconfig
264 Luke Howard <lukeh@padl.com>
* fix for BUG#378: MAP_H_ERRNO() should map NSS_TRYAGAIN
to NETDB_INTERNAL not TRY_AGAIN
* fix for BUG#379: ldaps:// URIs only work if "ssl on"
is set
* fix for BUG#248: nss_ldap exposes malformed entries
to the system
263 Luke Howard <lukeh@padl.com>
* fix for BUG#374: nss_ldap returns success from
setnetgrent() when the requested netgroup doesn't
exist
* fix for BUG#376: getXXent() only returns NULL once
before implicitly calling setXXent(), whereas other
backends continue to return NULL (Red Hat BUG#466794)
262 Luke Howard <lukeh@padl.com>
* fix for BUG#370: nss_ldap fails to work on Solaris
without that patch applied
261 Luke Howard <lukeh@padl.com>
* fix for Debian BUG#486778: ldap.conf template is
missing a comment in the first line
260 Luke Howard <lukeh@padl.com>
* patch from Ralf Haferkamp <rhafer@suse.de>:
only set errno for NSS_TRYAGAIN
259 Luke Howard <lukeh@padl.com>
* fix for BUG#348: fix memory leak
* fix for BUG#349: nss_ldap crashes after START_TLS timeout
(assertion failure in libldap)
* fix for BUG#350: assertion failure in ldap_result (called
from do_result())
* fix for BUG#351: double ldap_msgfree()
258 Luke Howard <lukeh@padl.com>
* fix for BUG#343: nss_srv_domain should take a domain
not a record
* fix for BUG#339: replacement code for Kerbeors
SASL operations
* fix for BUG#338: nss_ldap constructs LDAP URIs
incorrectly
* fix for BUG#337: configure fails to detect resolver
functions
* fix for BUG#332: --enable-schema-mapping incorrectly
maps pw_change
* fix for BUG#293: add nss_getgrent_skipmembers
parameter to ldap.conf, if enabled will not request
member attributes for group lookups, greatly increasing
performance for large groups
* fix for BUG#272: nss_ldap's install target doesn't
always create the right solink for x86_64 glibc
* fix for BUG#284: an error occurs during bulding with
cyrus-sasl2 when the compiler option 'as-needed' is used
257 Luke Howard <lukeh@padl.com>
* patch from Ralf Haferkamp <rhafer@suse.de>:
block SIGPIPE in atfork handler
256 Luke Howard <lukeh@padl.com>
* patch from Tomas Janousek <tjanouse@redhat.com>
to check for pthread_once(); __pthread_once does
not imply __pthread_atfork being non-NULL
* fix for BUG#315: memory corruption/crash in
initgroups parsing
255 Luke Howard <lukeh@padl.com>
* fix for BUG#303: SSL port behavior change since
version 241
* fix for BUG#304: fd leak in do_close_no_unbind
* fix for BUG#313: assertion in do_init() when no
host/uri is configured
* patch from Adrian Bridgett <adrian@smop.co.uk>
for Debian BUG#375533: Assertion failure in
libnss-ldap
254 Luke Howard <lukeh@padl.com>
* fix for BUG#292: array bounds check in ldap-network.c
* fix for BUG#296: fix stack buffer optimization
* fix for BUG#297: gethostbyname2 queried with AF_INET6
returns OK with IPv4 address
* fix for Novell BUG#215911: crasher parsing nested
groups
253 Luke Howard <lukeh@padl.com>
* fix crasher if an empty buffer is passed to
initgroups (glibc NSS only)
* fix for BUG#283: netgroup assertion failure in
Solaris mountd
252 Luke Howard <lukeh@padl.com>
* doc/lookup_nssldap.c: rewrite for autofs-4.1.3
251 Luke Howard <lukeh@padl.com>
* remove doc/rfc2307.txt, it is available from
http://www.ietf.org/rfc/rfc2307.txt
* make objectClass a mappable attribute
250 Luke Howard <lukeh@padl.com>
* don't use static _nss_ldap_no_members buffer,
causes crash when nss_ldap is unloaded and memory
is still referenced
* fix for BUG#249: tcsh closes file descriptors,
confuses nss_ldap and hangs (from David Houlder)
* fix for BUG#257: initgroups() broken in RFC2307bis
support disabled
* fix for BUG#261: sslpath example wrong
* fix for BUG#263: compile do_triple_permutations()
when IRS enabled
249 Luke Howard <lukeh@padl.com>
* fix for BUG#253: build broken on AIX
* fix for BUG#255: deadlock in initgroups
248 Luke Howard <lukeh@padl.com>
* fix regression in per-objectclass attribute mapping
introduced in nss_ldap-246
247 Luke Howard <lukeh@padl.com>
* double-check *ld != NULL even if mapped eror return
from ldap_initialize() returns NSS_SUCCESS
246 Luke Howard <lukeh@padl.com>
* paged results and RFC2307bis support are now always
compiled in; they are by default disabled unless
you configured with --enable-paged-results and
--enable-rfc2307bis, respectively. See nss_ldap(5)
for configuration options.
* fix for BUG#219: paged results delivers wrong results
* fix for BUG#222: use asynchronous start TLS if
available, using bind_timeout value
* fix for BUG#235: make DNS SRV lookup domain
configurable (nss_srv_domain)
* fix for BUG#240: return "*" rather than "x" for
userPassword if not present
* fix for BUG#245: paged results broken since nss_ldap-241
* patch from Ralf Haferkamp <rhafer@suse.de>:
compile fix for IPv6
* compile for Solaris
* schema mapping is always enabled, cleanup schema
mapping code
* allow for map-specific objectclass mapping
* partial implementation of Solaris Simplified LDAP
API, allows automountd support on Solaris via nss_ldap
* for Linux automounter, always close connection after
endautomntent() to avoid persistent connection
* add nss_connect_policy argument to ldap.conf
245 Luke Howard <lukeh@padl.com>
* don't leak LDAP connection if do_bind() failed or
descriptor owner had changed. If do_bind() failed the
underlying descriptor would also be leaked, causing a
large number of sockets to be consumed during failover
* add nss_initgroups_ignoreusers parameter to ldap.conf,
returns NOTFOUND if nss_ldap's initgroups() is called
for users (comma separated)
* try to deal with systems that have headers for both
versions of the SASL library installed
* better logging of failed connections and reconnections
* patch from Dean Michaels <dean@interdynamix.com>:
build with Netscape 5 library on Solaris
* patch from Ralf Haferkamp <rhafer@suse.de>:
manual page fix to bind_policy
244 Luke Howard <lukeh@padl.com>
* patch from Ralf Haferkamp <rhafer@suse.de>:
enusre bytesleft macro does not return values < 0
* include <sys/param.h> in ldap-nss.c
243 Luke Howard <lukeh@padl.com>
* fix for BUG#225: invalid pointer dereferencing when
reading rootpw
242 Luke Howard <lukeh@padl.com>
* fixes for compiling on Solaris 10
241 Luke Howard <lukeh@padl.com>
* new, more robust reconnection logic
* both "host" and "uri" directives can be used in
ldap.conf
* new (undocumented) nss_reconnect_tries,
nss_reconnect_sleeptime, nss_reconnect_maxsleeptime,
nss_reconnect_maxconntries directives
* reload configuration file if changed
240 Luke Howard <lukeh@padl.com>
* new API for resolving automounts (requires custom
autofs plugin for Linux at present):
_nss_ldap_setautomntent(), _nss_ldap_getautomntent(),
_nss_ldap_endautomntent(), _nss_ldap_getautomntbyname_r()
* fix for BUG#200: rename SOCKLEN_T as it conflicts on AIX
* fix for BUG#205: accept line feeds in ldap.conf
* fix for BUG#211: nss_ldap fails to start TLS on referred
connections
* fix for BUG#213: initgroups crash if RFC2307bis undefined
* turn down reconnection logging volume
239 Luke Howard <lukeh@padl.com>
* support for initgroups using backlinks (selectable
at runtime if RFC2307bis support is enabled, using
the nss_initgroups backlink configuration directive)
* support for dynamically expanding filter sizes
* from Peter Marschall <peter@adpm.de>:
revert the deletion of blanks/tabs in ldap.conf that
happened between 235 and 238
* from Peter Marschall <peter@adpm.de>:
This patch changes configure.in and Makefile.am so that
ldap.conf gets installed in the place and with the name
that is given to the configure option --with-ldap-conf-file.
In addition to that it fixes a long standing bug in
Makefile.am that tries to install a file before the
destination directory is guaranteed to be created (hunk #3),
and uses $(mkinstalldirs) for AIX (hunk #2).
238 Luke Howard <lukeh@padl.com>
* more manual page updates
237 Luke Howard <lukeh@padl.com>
* more manual page updates
236 Luke Howard <lukeh@padl.com>
* fix for BUG#201: typo in ldap-schema.c causing build
to fail
* add manual page for nss_ldap
235 Luke Howard <lukeh@padl.com>
* fix for BUG#198: make pagesize configurable
* fix for BUG#199: correct fix for BUG#138
(blind last char remove in ldap.secret)
234 Luke Howard <lukeh@padl.com>
* don't reacquire global lock in do_next_page()
* restore old "bind_policy hard" behaviour (don't try to
reconnect if initialization failed). The behaviour
introduced in nss_ldap-227 can be enabled with
"bind_policy hard_init".
233 Luke Howard <lukeh@padl.com>
* if do_open() returns NSS_UNAVAIL, don't try to do
server reconnect; only do it if NSS_TRYAGAIN is returned
This should fix the problems introduced by the fixes in
nss_ldap-227 (delayed binding)
232 Luke Howard <lukeh@padl.com>
* fix for BUG#138 (blind last char remove in ldap.secret)
230 Luke Howard <lukeh@padl.com>
* don't free gss_krb5_ccache_name() output (Heimdal)
229 Luke Howard <lukeh@padl.com>
* more debugging in initgroups and _nss_ldap_getentry()
* fix _nss_ldap_getentry() enumeration behaviour, and
optimize by not searching if the requested attribute
cannot be mapped
228 Luke Howard <lukeh@padl.com>
* fix for BUG#188: better documentation for OpenLDAP
SSL options
* fix for BUG#189: do not configure tls_checkpeer
unless it is explicitly specifier in ldap.conf
* fix for BUG#190: set ls_state to LS_UNINITIALIZED
after fork
227 Luke Howard <lukeh@padl.com>
* separate initializing LDAP session with actually
connecting to the DSA, so that we don't try to
bind until we actually need to search (which allows
the retry logic in the search function to also apply
to binding). NB: this will only provide improved
behaviour for LDAP client libraries that support
ldap_init() or ldap_initialize() rather than ldap_open
* fix for BUG#183: support pw_change and pw_expire
on BSD
* fix for BUG#187: NSS_BUFLEN_DEFAULT causing problems
on IRS platforms
* fix for glibc 2.1 from Alexander Spannagel
226 Luke Howard <lukeh@padl.com>
* make LDAP_NSS_NGROUPS configurable with
--with-ngroups (experts only) option
225 Luke Howard <lukeh@padl.com>
* make LDAP_NSS_NGROUPS 64 - better choice for
small directories
224 Luke Howard <lukeh@padl.com>
* don't double-free on realloc() failure in
do_parse_group_members()
* don't pass LDAP session as an argument, as
it may refer to a stale LDAP handle. If this
does not work we will need to replace LDAPMessage
pointers with pointers to a structure that
contains a reference-counted LDAP handle as well
as the message
* fix crasher when internal group membership
buffer was reallocated (introduced with nested
group expansion code)
* immediately return NSS_TRYAGAIN and errno=ERANGE
if there is not enough buffer space to handle
LDAP_NSS_NGROUPS groups; this prevents getgrXXX()
from expensive repeated directory searches when
there is a priori knowledge that group memberships
are large
223 Luke Howard <lukeh@padl.com>
* allow empty lines in /etc/ldap.conf
* do loop detection in nested groups
* fixes for building with IRS on FreeBSD 4.10
222 Luke Howard <lukeh@padl.com>
* fix deadlock in _nss_ldap_getentry()
* support more AIX usersec attributes
* more AIX porting fixes
* support Heimdal as well as MIT Kerberos
221 Luke Howard <lukeh@padl.com>
* AIX fix from <carlos.celso@embraer.com.br>
Recall #169033
* support for expansion of nested RFC2307bis groups
* support for searching using range retrieval
* fix memory leak with private contexts
* fix memory leak in do_result()
* implement _nss_ldap_getentry for AIX enumeration
* implement netgroups for IRS/AIX
* remove dependency on Berkeley DB - schema mapping
and RFC2307bis no longer requires DB
* remove old NeXT cruft in resolve.c
220 Luke Howard <lukeh@padl.com>
* fix for BUG#169: getntohost() on Solaris
* fix for BUG#170: _nss_ldap_getgroupsbymember_r fails
to return all groups when NSCD is running and
attribute mapping is enabled on Solaris
* fix for BUG#173: reinstate use of sigaction()
(XXX what is the correct fix here?)
* fix for BUG#174: innetgr() depth checking
218 Luke Howard <lukeh@padl.com>
* fix for BUG#168: set errnop to ENOENT if not found
* check for -lgssapi before -lgssapi_krb5
217 Luke Howard <lukeh@padl.com>
* fix for BUG#167: compilation fails on Solaris
216 Luke Howard <lukeh@padl.com>
* patch from Thorsten Kukuk to avoid overwriting
sockaddr storage for IPv6; use struct
sockaddr_storage if available
* fix for BUG#153: use asynchronous search API
in initgroups()
* fix for BUG#157: check for __pthread_once rather
than __pthread_atfork on glibc, as the latter is
no longer exported
* fix for BUG#158: escape netgroup search filters
correctly
* fix for BUG#161: remove redundant lock in
_nss_ldap_innetgr()
* fix for BUG#164: set schema element array size
to LM_NONE + 1 not LM_NONE
* fix for BUG#165: make _nss_ldap_result() private
* fix for BUG#166: chase all nested netgroups in
innetgr()
* fix deadlock if getXXXent() called without first
calling setXXXent()
* only request gidNumber attribute when initgroups()
(avoids sending back rest of a group's entry)
* don't request any attributes when mapping a user
to a DN (we want the DN only)
215 Luke Howard <lukeh@padl.com>
* choose between using native GSS-API and putenv()
for setting ccache path
* per-map attribute mapping for attributes that
appear in multiple maps
214 Luke Howard <lukeh@padl.com>
* define LDAP_DEPRECATED for compiling against
OpenLDAP 2.2
213 Luke Howard <lukeh@padl.com>
* fix netgroup compilation error when debugging is
enabled
* support GSS-API for setting ccache name
* initgroups() should require user to be a POSIX
account
* define LOGNAME_MAX for HP-UX
* do not use sigprocmask() - this blocks rather
than disabling signals
* SASL version check fix from Howard Chu
212 Luke Howard <lukeh@padl.com>
* Solaris netgroup support test release
* fix crasher in do_sasl_interact()
* do_sasl_interact() needs to strdup() result for
Cyrus SASL 1.x but not 2.x
* merge in LDAP debug patch from Howard Chu
* try alternate search descriptors on NSS_NOTFOUND
as well as NSS_SUCCESS
211 Luke Howard <lukeh@padl.com>
* do AT_OC_MAP cache initialization at config init
* BSD build fixes
* replace [h]errno2nssstat lookup tables with switch
statement; should help building on AIX!
210 Luke Howard <lukeh@padl.com>
* initialize DBT structures
* fix SASL crasher
209 Luke Howard <lukeh@padl.com>
* fix SASL breakage
208 Luke Howard <lukeh@padl.com>
* use socklen_t not int
* remove OpenLDAP SASL code
* incorporated patches from (see below) Geert Jansen
* add the "sasl_secprops" option to configure SASL
security layers (usage as for OpenLDAP ldap.conf)
* add the "krb5_ccname" option to specify the
location of the Kerberos ticket cache
(requires --enable-configurable-krb5-ccname for
now as it is a fairly coarse solution to a lack
of appropriate API in the Kerberos libraries)
* add support for native Active Directory password
policy attributes (enabled if shadowLastChange is
mapped to pwdLastSet)
* add "nss_override_attribute_value" and
"nss_default_attribute_value" keywords for over-
riding and setting default attribute values,
respectively
207 Luke Howard <lukeh@padl.com>
* work without LDAP_OPT_X_TLS_RANDOM_FILE
* fix schema mapping regression from nss_ldap-205;
attribute mapping now works again
205 Luke Howard <lukeh@padl.com>
* build with Sleepycat DB without db185 compat layer
(tested with 4.x; needs testing on 3.x)
204 Luke Howard <lukeh@padl.com>
* Linux netgroup implementation from Larry Lile
* Multiple service search descriptor support from
Symas
* IPv6 patch from Thorsten Kukuk at SuSE
203 Luke Howard <lukeh@padl.com>
* fix for BUG#115
* fix for BUG#121
202 Luke Howard <lukeh@padl.com>
* getsockname() fixes from Howard Chu
* configuration parser crasher fix
201 Luke Howard <lukeh@padl.com>
* Berkeley DB fixes from Howard Chu
* Netscape client library build fix
200 Luke Howard <lukeh@padl.com>
* use sigprocmask() if available to block SIGPIPE
* fix build breakage with OpenLDAP HEAD
199 Luke Howard <lukeh@padl.com>
* HP-UX port
* BUG#111: incorrect debugging statement in
_nss_ldap_enter()
* export required symbols only on Linux
* corrected symbol names for glibc alias enumeration
functions
* the DNS response parser doesn't stop after parsing the
right number of records, and doesn't handle long responses
(Nalin at RedHat)
198 Luke Howard <lukeh@padl.com>
* BUG#108: fix potential buffer overflow in dnsconfig.c
(could be triggered if no flat file configuration
for nss_ldap and large DNS SRV data for domain;
because nss_ldap in SRV mode trusts DNS we do
not believe this to be exploitable to elevate
privilege in the default configuration)
* do not malloc() configuration structure; use
buffer
197 Luke Howard <lukeh@padl.com>
* improved AIX documentation from Dejan Muhamedagic
* define LDAP_OPT_SSL for Solaris 9
196 Luke Howard <lukeh@padl.com>
* return NSS_TRYAGAIN not NSS_NOTFOUND for insufficient
buffer space in dn2uid_cache_get()
* support automake 1.5 and friends
* out of box build on AIX 4.3.3
* fixed BUG#104: do_ssl_options() return code ignored
195 Luke Howard <lukeh@padl.com>
* fixed BUG#98: large groups cause buffer length
wraparound with rfc2307bis
194 Luke Howard <lukeh@padl.com>
* bugfix for Debian Bug report #147553: lack of global
mutex use in initgroups()
193 Luke Howard <lukeh@padl.com>
* support for PADL GSS-SASL client library
192 Luke Howard <lukeh@padl.com>
* more carefully compare cached socket and peer
addresses
191 Luke Howard <lukeh@padl.com>
* added configurable [hard|soft] reconnect, see the
bind_policy parameter in ldap.conf.
190 Luke Howard <lukeh@padl.com>
* check for Netscape 4 SDK without SSL; don't require
pthreads for these
189 Luke Howard <lukeh@padl.com>
* patch for building on OpenLDAP 1.x from Nalin
at RedHat
188 Luke Howard <lukeh@padl.com>
* specify runtime path for LDAP library correctly to
native Solaris linker
* check for gcc correctly
* use native linker on Solaris and AIX
187 Luke Howard <lukeh@padl.com>
* make bogusSd in ldap-nss.c conditional on
!HAVE_LDAP_LD_FREE
* merge in paged result support from Max Caines
* bugfixes for Debian Bug report #140854
186 Luke Howard <lukeh@padl.com>
* incorporated patch for Debian Bug report #140854,
where nss_ldap could in some cases close a
descriptor it did not own. Patch was provided
by Luca Filipozzi.
185 Luke Howard <lukeh@padl.com>
* updated copyrights
* fix for BUG#82: set close on exec (Debian bug 136953)
184 Luke Howard <lukeh@padl.com>
* return NSS_TRYAGAIN if no buffer space in ldap-grp.c
183 Luke Howard <lukeh@padl.com>
* return error strings in AIX authentication routine
* initialise schema in getgroupsbymember()
* fix for tls_checkpeer; pass NULL session in to
set global option
* BUG#77: configurable config file locations
181 Luke Howard <lukeh@padl.com>
* ignore SIGPIPE whilst inside nss_ldap library routines
to prevent crashing on down LDAP server; possible fix
for Debian bug 130006
* removed --enable-no-so-keepalive; always try to
disable SO_KEEPALIVE on underlying socket to LDAP
server
* include local copy of irs.h under AIX
* general cleanup of locking code
* _nss_ldap_no_members appears to only need defining for
when RFC2307bis is enabled
180 Luke Howard <lukeh@padl.com>
* pull in libpthreads on AIX
179 Luke Howard <lukeh@padl.com>
* a couple more patches for AIX
178 Luke Howard <lukeh@padl.com>
* patch from Gabor Gombas for AIX support
* Makefile.am: sasl.o needed by NSS_LDAP
* aix_authmeth.c: method_passwordexpired is
really method_passwdexpired; but since the struct
was bzero()ed no need to set it to NULL
* configure.in: support both gcc and xlc_r
* exports.aix: sv_byport was not exported
* ldap-grp.c: getgrset() returned group names instead of
gid numbers
177 Luke Howard <lukeh@padl.com>
* patch for building on AIX from IBM
* added simple authentication support for AIX
* cleaned up SASL patch to not break if Cyrus
SASL is not installed
176 Luke Howard <lukeh@padl.com>
* fixed bug in SASL patch which had required
OpenLDAP headers
175 Luke Howard <lukeh@padl.com>
* incorporated GSS-API SASL patches
* rebind to server on LDAP_LOCAL_ERROR
174 Luke Howard <lukeh@padl.com>
* added patches from Maxim Batourine for compiling
with Sun workshop compiler
* added notes re: 64-bit compile on Solaris from
above source
173 Luke Howard <lukeh@padl.com>
* notes on IRS in doc/README.IRS
* added irs.h for AIX compat
* patch from Bob Guo for stripping trailing
spaces in ldap.conf.
172 Luke Howard <lukeh@padl.com>
* fixed schema mapping bug by storing a copy of the
mapped schema in the Berkeley DB rather than the
element itself. Because the DB library returns
static storage, this was causing problems where
the schema mapping calls were used to build the
attribute table in ldap-schema.c. This bugfix was
sponsored by n2h2.com; thanks!
171 Luke Howard <lukeh@padl.com>
* added ldap.conf stanza for AIX
* workaround for schema mapping bug.
170 Luke Howard <lukeh@padl.com>
* use _nss_ldap_getrdnvalue() for determining canonical
group name
169 Luke Howard <lukeh@padl.com>
* fixed typo in ldap-service.c; prefix filters now
with _nss_ldap
168 Luke Howard <lukeh@padl.com>
* initialize old_handler to SIG_DFL
* incorporate Stephan Cremer's mapping patches,
a big thanks to Stephan for these!
* use LDAP_OPT_NETWORK_TIMEOUT if available for
network connect timeout
* removed hard-coded schema mapping for
authPassword, NDS and MSSFU
167 Luke Howard <lukeh@padl.com>
* support for new OpenLDAP rebind proc prototype
* in rebind function, respect timeout
* fix for PADL Release Control
166 Luke Howard <lukeh@padl.com>
* corrected small typos
165 Luke Howard <lukeh@padl.com>
* posixMember is a distinguished name, don't pretend it
is a login name
* cleaned up code referencing different member syntaxes
164 Luke Howard <lukeh@padl.com>
* removed IDS_UID code, never worked properly
163 Luke Howard <lukeh@padl.com>
* removed context_free function, usage confusing
162 Luke Howard <lukeh@padl.com>
* in reconnect harness, do not treat entry not found
errors as requiring a reconnect
161 Luke Howard <lukeh@padl.com>
* hopefully fixed use of synchronous searches in
_nss_ldap_getbyname()
160 Luke Howard <lukeh@padl.com>
* patch from RedHat to check for DB3, override
install user/group optionally
* use synchoronous searches for _nss_ldap_getbyname()
* only set SSL options if we have values for those
options
159 Luke Howard <lukeh@padl.com>
* make do_ssl_options() take a config parameter;
avoid segfault with SSL?
158 Luke Howard <lukeh@padl.com>
* in the distinguished name to login cache (dn2uid)
make sure we use the AT(uid) macro for the uid
attribute rather than the hard-coded value of "uid"
This should enable the cache for MSSFU support.
157 Luke Howard <lukeh@padl.com>
* for MSSFU, use posixMember for group memberships
rather than member (reported by Andy Rechenberg)
* ignore SIGPIPE before calling do_close() for
idle_timeout
156 Luke Howard <lukeh@padl.com>
* logic was around the wrong way in do_search(),
all searches were broken!
* --disable-ssl option for configure
* removed "Obsoletes: pam_ldap" from spec file
155 Luke Howard <lukeh@padl.com>
* do not use private API when setting OpenLDAP TLS
options (do_ssl_options())
154 Luke Howard <lukeh@padl.com>
* notes from Scott M. Stone <sstone@foo3.com>
* idle timeout patch from Steve Barrus
153 Luke Howard <lukeh@padl.com>
* SSL fix
152 Luke Howard <lukeh@padl.com>
* further patch from Jarkko for TLS/SSL auth:
support for LDAPS/cipher suite selection/
client key/cert authentication
151 Luke Howard <lukeh@padl.com>
* patch from Andrew Rechenberg for Active
Directory schema support
* patch from Jarkko Turkulainen <jt@wapit.com> for
peer certificate support with OpenLDAP
150 Luke Howard <lukeh@padl.com>
* patch from Anselm Kruis for URI support
149 Luke Howard <lukeh@padl.com>
* fixed compile on Solaris, broken in 145 by
malformed Linux patch
148 Luke Howard <lukeh@padl.com>
* check for HAVE_LDAP_SET_OPTION always
147 Luke Howard <lukeh@padl.com>
* check for ldap_set_option(), as LDAP_OPT_REFERRALS
is defined for OpenLDAP 1.x but without the
ldap_set_option() function
146 Luke Howard <lukeh@padl.com>
* mass reindentation, GNU style
* patch from Simon Wilkinson <sxw@sxw.org.uk>
for compatibility with old initgroups entry
point
* request authPassword attribute if
--enable-authpassword
* authPassword support in ldap-spwd.c (shadow)
145 Luke Howard <lukeh@padl.com>
* preliminary support for authPassword attribute
* updated COPYING
* patch from Szymon Juraszczyk to suppot
_nss_ldap_initgroups_dyn prototype
144 Luke Howard <lukeh@padl.com>
* when specifying filters with nss_base_XXX,
only escape the filter argument not the entire
filter
143 Luke Howard <lukeh@padl.com>
* patch from nalin@redhat.com to avoid
corrupting the heap when the configuration
file exists but has no host and base values.
_nss_ldap_readconfigfromdns() will write to
the region which was already freed.
142 Luke Howard <lukeh@padl.com>
* patch from Simon Wilkinson <sxw@sxw.org.uk>
for memory leak in ldap-service.c
141 Luke Howard <lukeh@padl.com>
* fix for BUG#54 (AIX detection broken)
* use -rpath on all platforms except Solaris,
not just Linux
140 Luke Howard <lukeh@padl.com>
* fix configure bug for DISABLE_SO_KEEPALIVE
* fix alignment bug in util.c; this was causing
Solaris to crash whenever per-map search
descriptors were specified in ldap.conf
139 Luke Howard <lukeh@padl.com>
* updated INSTALL file with boilerplate
* fixed pointer error in ldap-nss.c
138 Luke Howard <lukeh@padl.com>
* close config file FILE * if out of buffer space
for parsing search descriptor
* fixed bug where non-recognized directives in
ldap.conf would cause the configuration file to
not be parsed at all, if they were the last
entries in the config file.
137.1 Luke Howard <lukeh@padl.com>
* patch from nalin@redhat.com; return { NULL } not
NULL for no group members
* cleaned up usage of libc-lock.h weak aliases
to pthreads API; use in ltf.c also
* use __libc_atfork() or pthread_atfork() to
close off connection on fork, rather than
checking PIDs; this is expensive and breaks
on Linux where each thread may have a
different PID.
137 Gabor Gombas <gombasg@inf.elte.hu>
* build nss_ldap as a loadable module on AIX
* doco on AIX
136 Luke Howard <lukeh@padl.com>
* define -DPIC for FreeBSD
* link with -shared not --shared
* fixes for AIX
135 Luke Howard <lukeh@padl.com>
* merged ldap.conf
* fixed bug in concatenating relative search
bases in ldap-nss.c (profile support)
134 Luke Howard <lukeh@padl.com>
* fixed Makefile.am
* reordered DB search order in util.c
133 Luke Howard <lukeh@padl.com>
* make /usr/lib directory in Makefile.am
* new spec file from Joe Little
132 Luke Howard <lukeh@padl.com>
* fixed rebind preprocessor logic
131 Luke Howard <lukeh@padl.com>
* created files for automake happiness
130 Luke Howard <lukeh@padl.com>
* fixed typo preventing build with Netscape
client library
129 Luke Howard <lukeh@padl.com>
* updated version number
* fixed build bug on Solaris
128 Luke Howard <lukeh@padl.com>
* fixed logic bug in util.c introduced in
nss_ldap-127
127 Luke Howard <lukeh@padl.com>
* updating copyright notices
* autoconf support; IRIX and OSF/1 support has
been dropped (dl-*.[ch]) as no one really
used this, the implementation was a hack,
and these operating systems have their
own LDAP implementations now
* added support for "referrals" and "restart"
options to ldap.conf
* use OpenLDAP 2.x rebind proc with correct
arguments
* added "timelimit" and "bind_timelimit"
directives to ldap.conf
* fixed bug with dereferencing aliases
* preliminary support for profiles; recognise
profile semantics in ldap-nss.c/util.c
* parity with pam_ldap; "ssl" directive in
ldap.conf can now specify "yes" or
"start_tls" for Start TLS
* hopefully fixed Berkeley DB include
mess in util.c
* fixed potential buffer overflow in util.c
* default to LDAP protocol version 3
* fixed leaks in util.c, dnsconfig.c
* accept on/yes/true for boolean configuration
values
* tested building on FreeBSD, Solaris 8, Linux
* tested functionality on RedHat 6.2
126 Luke Howard <lukeh@padl.com>
125 Luke Howard <lukeh@padl.com>
* fixed up Linux Makefiles to build libnss_ldap
124 Luke Howard <lukeh@padl.com>
* patch from nalin@redhat.com for StartTLS
* fixed up indenting
123 Luke Howard <lukeh@padl.com>
* rolled in BUG#52 branch with fixes for AIX
122.BZ52.2 Luke Howard <lukeh@padl.com>
* included ldap-schema.c; omitted from previous
checkpoint
122.BZ52.1 Luke Howard <lukeh@padl.com>
* preliminary fix for BUG#52 (support for different
naming contexts for each map)
* fixed bug in enumerating services map
122 Luke Howard <lukeh@padl.com>
* fixed BUG#50 (check return value of ldap_simple_bind())
121 Luke Howard <lukeh@padl.com>
* fixed BUG#49 (fix acknowledged race condition)
120 Luke Howard <lukeh@padl.com>
* added Makefile.aix and exports.aix (forgot)
119 Luke Howard <lukeh@padl.com>
* patch from Gabor Gombas <gombasg@inf.elte.hu>
to support AIX implementation of BIND IRS
118 Luke Howard <lukeh@padl.com>
* Makefile.RPM.openldap2 from Joe Little
117 Luke Howard <lukeh@padl.com>
* permanently ignore SIGPIPE when using SSL. This
bug should be fixed properly.
116 Luke Howard <lukeh@padl.com>
* added irs-nss.diff and README.IRS from Emile
Heitor
115 Luke Howard <lukeh@padl.com>
* fixed filter escaping
* call ldapssl_client_init() once only
* include db_185.h not db.h for dn2uid cache
* fixes for FreeBSD (IRS) support from Emile
Heitor
113 Luke Howard <lukeh@padl.com>
* patch from Ben Collins to escape '*' in filters
110 Luke Howrad <lukeh@padl.com>
* patch from Phlilip Liu for async binds
109 Luke Howard <lukeh@padl.com>
* omit socket check for -DSSL; it doesn't work
* updated CONTRIBUTORS
* updated README re HAVE_LDAP_LD_FREE
108 Luke Howard <lukeh@padl.com>
* included "deref" option in /etc/ldap.conf, compatible
with OpenLDAP syntax. Patch from Michael Mattice.
107 Luke Howard <lukeh@padl.com>
* fixed argument to _nss_ldap_getent() in ldap-ethers.c
106.2 Luke Howard <lukeh@padl.com>
* if root, use rootbinddn/rootbindpw in rebind proc
* include objectClass in pwd required attributes
106.1 Luke Howard <lukeh@padl.com>
* if user is a shadowAccount, then don't return password
in getpwent(), getpwuid() or getpwnam()
* incorporated patch (from Doug Nazar):
* allow getgrent() to be called without setgrent();
note arguments to _nss_ldap_getent() have changed.
* return NSS_NOTFOUND instead of NSS_UNAVAIL at the
end of a search
* initialize len for getpeername()
105 Luke Howard <lukeh@padl.com>
* incorporated patch for deadlock under Solaris (from
Dave Begley)
104 Luke Howard <lukeh@padl.com>
* new spec file
103 Luke Howard <lukeh@padl.com>
* don't call ldap_parse_result() with V2 API
102 Luke Howard <lukeh@padl.com>
* added defines for LDAP_MSG_ONE et al if not in ldap.h
* removed LDAP_MORE_RESULTS_TO_RETURN test
101 Luke Howard <lukeh@padl.com>
* fixed spec file
100 Luke Howard <lukeh@padl.com>
* support for asynchronous search API!
* added some contributors
* notes about ldap_ld_free()
* merged in ChangeLog
99 Luke Howard <lukeh@padl.com>
* added some netgroup implementation tips
* do_close_no_unbind() cleanup
98 Luke Howard <lukeh@padl.com>
* /etc/nss_ldap.secret -> /etc/ldap.secret (sorry,
Doug!)
* deleted crypt-mechanism code. Junk.
* fixed call to _nss_ldap_read() after changing
prototypes in nss_ldap-88
97 Luke Howard <lukeh@padl.com>
* #ifndef HAVE_LDAP_LD_FREE, still call ldap_unbind(),
but having closed the descriptor.
96 Luke Howard <lukeh@padl.com>
* re-orged
95 Luke Howard <lukeh@padl.com>
* disable SO_KEEPALIVE on socket rather than blocking
SIGPIPE. Need to figure out the right way to do this.
94 Luke Howard <lukeh@padl.com>
* committed some changes for the parent/child close
problem. It relies on internal libldap APIs so
it may be non-portable but should work with OpenLDAP
and Netscape client libraries, and perhaps most UMich-
derived client libraries. There's a possible workaround
for client libraries without this; undefine
HAVE_LDAP_LD_FREE to test this.
93 Luke Howard <lukeh@padl.com>
* important fix: make sure return status is reset
after do_open() == NSS_SUCCESS, just in case
no entries are returned. This bug was introduced
in nss_ldap-88 and could potentially cause a
security hole.
92 Luke Howard <lukeh@padl.com>
* signal handling fix: don't restore handler
unnecessarily.
* don't open nss_ldap.secret unless a root pw
is specified in ldap.conf
91 Luke Howard <lukeh@padl.com>
* reorganized SIGPIPE blocking code
* added SSL support
90 Luke Howard <lukeh@padl.com>
* only reconnect if we've changed to/from root
89 Luke Howard <lukeh@padl.com>
* cleaned up a few things
88 Luke Howard <lukeh@padl.com>
* added breaks to switch in _nss_ldap_lookup
(thanks to Nathan.Hawkins@FMR.COM for pointing
this out)
* save signal handler and ignore SIGPIPE for
appropriate sections of do_open() and confirm
connection is still active (patch from
rpatel@globix.com)
* allow root users to bind as a different user,
to provide quasi-shadow password support (patch
from nazard@dragoninc.on.ca)
* under Linux, make Makefile look at last libc
version (patch from nazard@dragoninc.on.ca)
* never clobber nsswitch.ldap/ldap.conf when
making install (patch from nazard@dragoninc.on.ca)
* change do_open() to not unbind the parent ldap
connection when the pid changes but simply open a
new connection (patch from nazard@dragoninc.on.ca)
* changed _nss_ldap_lookup() and _nss_ldap_read()
prototypes to return NSS_STATUS error codes,
so that NSS_UNAVAIL percolates as appropriate.
87 Luke Howard <lukeh@padl.com>
* fixed looking up DN-membered groups by member. Thanks
to Jeff Mandel for spotting this hard to find bug.
86 Luke Howard <lukeh@padl.com>
* member for NDS vs uniqueMember (needs further
investigation; -DNDS)
85 Luke Howard <lukeh@padl.com>
* check non-NULLity of userdn before freeing
* use AT(uid) for groupsbymember filter
84 Luke Howard <lukeh@padl.com>
* implemented _nss_ldap_initgroups()
81 Luke Howard <lukeh@padl.com>
* removed extraneous do_sleep() code
* updated spec file
80 Luke Howard <lukeh@padl.com>
* (really 2.80) changed version number a la Solaris 7!
* cleaned up schema stuff into ldap-schema.h
2.79 Luke Howard <lukeh@padl.com>
* implemented exponential backoff reconnect logic
2.78 Luke Howard <lukeh@padl.com>
* removed ldap.conf.ragenet from lineup
* removed spurious do_close()
2.76 Luke Howard <lukeh@padl.com>
* added -lresolv to Solaris makefiles
2.75 Luke Howard <lukeh@padl.com>
* incorporated RPM patches from stein@terminator.net
2.72 Luke Howard <lukeh@padl.com>
* implemented getgroupsbymember() for Solaris.
Supplementary groups should be initialized now.
(NB: doesn't appear to be quite working for
RFC2307bis yet.)
* GNU indent-ified
2.71 Luke Howard <lukeh@padl.com>
* removed -DDEBUG as default build flag
2.70 Luke Howard <lukeh@padl.com>
* put /usr/ucblib back into linker search path for
Solaris.
2.69 Luke Howard <lukeh@padl.com>
* added timeout, unavailable, and server busy
conditions to rebind logic
* indent -gnu all source files
2.68 Luke Howard <lukeh@padl.com>
* mods for glibc 2.1 (__set_errno is obselete it seems)
2.65 Luke Howard <lukeh@padl.com>
* mods to compile with OpenLDAP 2
2.64 Luke Howard <lukeh@padl.com>
* changed alias schema to Sun SDS nisMailAlias schema
* updated TODO list to reflect Bugzilla entries
* restored capitalization of attributes for "niceness"
2.63 Luke Howard <lukeh@padl.com>
* added patch from gero@faveve.uni-stuttgart.de for
parsing of ldap.conf with tabs
* some fixes for BSDI BSD/OS IRS
2.62 Luke Howard <lukeh@padl.com>
* added experimental support for DN-membered groups;
to enable, define RFC2307BIS
* fixed align bug (where buflen wasn't being
decremented after pointer alignment)
2.61 Luke Howard <lukeh@padl.com>
* added warning about compiling with DS 4.1 LDAP SDK
2.60 Luke Howard <lukeh@padl.com>
* fixed missing close brace
2.59 Luke Howard <lukeh@padl.com>
* pw_comment field defaults to pw_gecos (Solaris only)
2.56 Luke Howard <lukeh@padl.com>
* fixed Makefile.linux.mozilla NSSLIBVER
2.55 Luke Howard <lukeh@padl.com>
* merged in glibc-2.1 branch
2.54.6 Luke Howard <lukeh@padl.com>
* misc fixes.
2.54.5 Luke Howard <lukeh@padl.com>
* misc fixes.
2.54.4 Luke Howard <lukeh@padl.com>
* glibc-2.1 patches from bcollins@debian.org
2.54.3 Luke Howard <lukeh@padl.com>
* glibc-2.1 support. (Recall #93)
* set erange correctly on Solaris (related to above)
2.51 Luke Howaed <lukeh@padl.com>
* added rebind function
2.51 Luke Howard <lukeh@padl.com>
* added stuff for RC
2.49 Luke Howard <lukeh@padl.com>
* configuration file is now case insensitive
2.47 Luke Howard <lukeh@xedoc.com>
* RFC2052BIS (_ldap._tcp) support
2.45 Luke Howard <lukeh@xedoc.com>
* added #include <stdlib.h> to globals.c
2.44 Luke Howard <lukeh@xedoc.com>
* NULL search base allowed (omit basedn from config file)
2.42 Luke Howard <lukeh@xedoc.com>
* fixed potential crasher in dnsconfig.c
* LDAP session is now persistent for performance reasons.
Removed references to the session anywhere outside
ldap-nss.c. The process ID is cached and the session
reopened after a fork().
2.39 Luke Howard <lukeh@xedoc.com>
* fixed warning in ldap-ethers.c (removed const from
struct ether)
* added ldap_version keyword to ldap.conf for parity with
pam_ldap
2.38 Luke Howard <lukeh@xedoc.com>
* debugged ldap_explode_rdn() code
* added support for Mozilla LDAP client library; see
Makefile.linux.mozilla and ltf.c for more information.
Thanks to Netscape for making their library
available.
2.37 Luke Howard <lukeh@xedoc.com>
* moved to CVS repository and Linux as development
environment
* incorporated ldap-service.c fix from Greg
2.36 Luke Howard <lukeh@xedoc.com>
* util.c: will use ldap_explode_rdn() if it exists
2.35 Luke Howard <lukeh@xedoc.com>
* made util.c compile again. Silly me.
2.34 Luke Howard <lukeh@xedoc.com>
* fixed #endif in testpw.c
* fixed another DN freeing leak in util.c
* added RFC 2307 to distribution (fixed the two
typos in it:
* fixed bug in ...getrdnvalue() (thanks, Greg)
% diff rfc2307.txt ~/rfc2307.txt
480c480
< MUST ( cn $ ipProtocolNumber )
---
> MUST ( cn $ ipProtocolNumber $ description )
1038c1038
< lester:X5/DBrWPOQQaI:10:10:Lester:/home/lester:/bin/csh
---
> lester:X5/DBrWPOQQaI:10:10:Lester:/home/lester:/bin/sh
2.33 Luke Howard <lukeh@xedoc.com>
* rolled in more patches from greg@rage.net:
* removed _r from setXXXent and endXXXent functions
for GNU_NSS
* cleaned up testpw.c to use pthreads and protos
* fixed prototype for gethostbyaddr_r on GNU_NSS
* braced conditional in getservbyname_r
* merged in Makefile.linux and README.LINUX diffs
* added htons(port) in getservbyport_r
* added nsswitch.test
* added ldaptest.pl
* added ldap.conf.ragenet
2.32 Luke Howard <lukeh@xedoc.com>
* moved Makefile to Makefile.solaris
* cleaned up mutex code for Linux, hopefully
2.31 Luke Howard <lukeh@xedoc.com>
* fixed leak in util.c (need to free dn)
* rolled in patches from greg@rage.net:
* fixed ldap-ethers.c to use struct ether
* fixed bracing in ldap-hosts.c (?)
* added SSLEAY patch to ldap-nss.h
* fixed locking in ldap-nss.h
* Makefile changes incorporated into Makefile.linux
2.30 Luke Howard <lukeh@xedoc.com>
* synced into DevMan repository again
* RFC 2307 is the one!
2.29e Luke Howard <lhoward@apple.com>
* util.c: fixed memory leak (call to ldap_value_free())
2.29d Luke Howard <lhoward@apple.com>
* ldap-ethers.c: fixed to use HOSTNAME attribute
2.29c Luke Howard <lhoward@apple.com>
* ieee8022Device -> ieee802Device
2.29b Luke Howard <lhoward@apple.com>
* added ieee8022Device and bootableDevice classes,
at Sun's request.
2.29a Luke Howard <lhoward@apple.com>
* dc -> cn
2.29 Luke Howard <lukeh@xedoc.com>
* changed host/network/ethers naming schema
see the -02 draft revision for more info
2.28 Luke Howard <lukeh@xedoc.com>
* ldap-pwd.c, ldap-spwd.c: fixed tmpbuf stuff. Yuck.
2.27 Luke Howard <lukeh@xedoc.com>
* ANNOUNCE: reflected draft-howard-nis-schema-01.txt
* ldap-spwd.c: default for shadow integer values is -1, not 0
and fixed crasher (thanks to dj@gregor.com)
2.26 Luke Howard <lukeh@xedoc.com>
* globals.c: added offset stuff back for mapping errnumbers.
Weird: this stuff *was* in an earlier version of the work
area. I have no idea where it went. Scary.
2.25 Luke Howard <lukeh@xedoc.com>
* irs-nss.h: added prototype for irs_ldap_acc()
* ldap-*.[ch]: removed redundent PARSER macro
* unbroke for GNU NSS (context_key_t changed to context_handle_t)
2.24 Luke Howard <lukeh@xedoc.com>
* irs-nss.c: added dispatch table for IRS library
* testpw5.c: added additional test program
* ldap-nss.c: removed spurious debug statement
* ldap-nss.c, util.c, dnsconfig.c: cleaned up memory
allocation for config. (This could be improved, but
there is no longer a static ldap_config_t structure.)
* Makefile: general cleanup
2.23 Luke Howard <lukeh@xedoc.com>
* default destructor is now simply wrapped around by individual backend
destructors
* __EXTENSIONS__ defined for Solaris 2.6 to import strncasecmp()
* getbyname: fixed crasher in ldap-nss.c due to uninitialized variable
* ldap-parse.h, assorted others: tidied up resolver calls to use
NSS_ARGS() macro and not to interfere with the previous backend's
status (bad thing!)
* ldap-service.c: cleaned up potential uninitialized var in parser
* ldap-nss.c: no valued arrays are now { NULL } instead of NULL.
2.22 Luke Howard <lukeh@xedoc.com>
* testpw.c: XXX problem. dies with segfault, but gdb doesn't give
me enough information; it's definitely within nss_ldap.so though.
I just can't see the symbols. (Maybe dbx would be better...)
However, testpw doesn't work at *all* under 2.5.1, and technically
it shouldn't as it's not linked against liblthread. I haven't been
able to duplicate this with testpw2, which is the same code linked
with the thread library.
* backported to NeXT
2.21 Luke Howard <lukeh@xedoc.com>
* resolve.h: renamed functions so as to keep namespace clean
* snprintf.h: tidied up for systems which already have snprintf()
and renamed anyway to keep namespace clean (_nss_ldap_snprintf)
* ldap-*.h: made character constants const to avoid nasty warnings
* globals.[ch]: as above
* README, TODO, ANNOUNCE: general documentation updates
* ldap-nss.c, et al: general work on Solaris 2.6 port, to get
nscd working. Lots of fiddling with the locking.
* Major architectural changes to Solaris NSS implementation.
Thread specific data is now stored in the backend, where it
should be: just like it is in IRS. Locking is a little more
coarse now, but it will do for the moment.
* Paul Henson's DCE module gave me the inspiration to do the
backend stuff the "right" way -- thanks, Paul!
* As a result, a lot of the bugs listed in TODO have mysteriously
fixed themselves. :-)
2.20 Luke Howard <lukeh@xedoc.com>
* Makefile.*: ensured resolve.[ch] and dnsconfig.[ch] were there.
* Makefile: should link now with gcc -shared instead of requiring
cc.
2.19 Luke Howard <lukeh@xedoc.com>
* testpw4.c: added irs hostbyname() test
* Makefile: added correct flags to build position indepdenent
code with Sun's compiler (thanks, Bill). Added SRV sources.
* testpw.c: works under NeXT, cleaned up a bit.
* ldap.conf: documented what this file does
* util.c: ignore blank lines in ldap.conf properly
* resolve.h: fixed up for Solaris
2.18 Luke Howard <lukeh@xedoc.com>
* ldap-network.c: fixed infinite loop in getnetbyname()
* util.c: goto out causes a compiler warning under Solaris.
Documented this. Should fix this, I suppose, but we need
to break out of two blocks. (We could remove the code that
handles multivalued DNs, as it's fairly unlikely that someone
will use a DN of o=Xedoc+dc=xedoc,c=US+dc=com, but who knows?)
* ldap-ethers.c: line 215, result was not assigned to an
lvalue (should have been args->status, not args). Fixed.
2.17 Luke Howard <lukeh@xedoc.com>
* Cleaned up documentation and testpw4.c
* dnsconfig.c: Fixed strtok() bug which was clobbering domain
2.16 Luke Howard <lukeh@xedoc.com>
* util.c (_nss_ldap_readconfig) fixed strtok() typo
2.15 Luke Howard <lukeh@xedoc.com>
* dnsconfig.c: got DNS SRV support working under NEXTSTEP
* util.c: (_nss_ldap_getdomainname) made host and network DN parsing
compliant with current draft
2.2 - 2.14 Luke Howard <lukeh@xedoc.com>
* I'll get around to merging in the RCS log here one day.
Nothing very exciting happened, I just backported the code to
NEXTSTEP and compiled it.
2.1 Luke Howard <lukeh@xedoc.com>
* merged in old RCS tree (now nss_ldap 0.2)
1.x Luke Howard <lukeh@xedoc.com>
* old RCS repository (corresponds to nss_ldap 0.1)
